Logo

Cloud Computing Security


Book Cover
book with ISBN: 1461194067, is now available.


1. Authentication
  1. Brute Force

  2. Insufficient Authentication

  3. Weak Password Recovery Validation

2. Authorization
  1. Credential/Session Prediction

  2. Insufficient Authorization

  3. Insufficient Session Expiration

  4. Session Fixation

3. Client-side Attacks
  1. Content Spoofing

  2. Cross-site Scripting

4. Command Execution
  1. Buffer Overflow
  2. Format String Attack
  3. LDAP Injection
  4. OS Commanding
  5. SQL Injection
  6. SSI Injection
  7. XPath Injection
5. Information Disclosure
  1. Directory Indexing

  2. Information Leakage

  3. Path Traversal

  4. Predictable Resource Location

6. Logical Attacks
  1. Abuse of Functionality

  2. Denial of Service

  3. Insufficient Anti-automation

  4. Insufficient Process Validation

Corporate Security Policy Consulting

Protection of vital digital assets does not begin with hardware or software, but instead begins with vigilant planning. It would be quite difficult to protect your networks and systems if you don’t know what you want your security systems to protect, or if you don’t have an idea of how do you want that protection to function.

A security policy is a general statement of the business rules that define the goals and purpose of security within the organization; any organization, no matter how big and small. Security policies should be considered strategic documents since they define the overall purpose and direction for any security program and ultimately measure the success or failure of those efforts.

The cornerstone of such a document will describe the preparedness, detection, response and recovery efforts with respect to protection of digital assets. Every Security Policy document should undergo routine re-evaluation and revisions to compensate for an ever changing threat landscape and corporate risk tolerance.

INFOSECPRO believes that Security Policies shall be comprehensive, but adaptable enough to be effectively implemented and complied with. In the end, the policy must balance the criticality of the assets being protected versus the risk associated with unwanted data leakage. Taking into account organizational culture is paramount to the successful adoption of any Policy.

INFOSECPRO’s Corporate Security Policy Consulting service can not only assist with the formulation of a Security Policy Document , but we routinely review and benchmark existing policies against best practices. If so desired, various hands-on testing can be carried out against written policy documents in order to identify gaps.

To receive your Corporate Security Policy Review, please submit your payment of $99.00
B e t t e r: Please submit your payment of $999.00 for a complete Corporate Security Policy Development or Upgrade.
Business Name:
Contact Information:
Email Address:
URL or IP address: